A Certificate Authority (CA) generates a key pair that will be used for encryption and decryption of
email. The integrity of the encrypted email is dependent on the security of which of the following?

Which system consists of a publicly available set of databases that contain domain name
registration contact information?

A tester has been hired to do a web application security test. The tester notices that the site is
dynamic and must make use of a back end database.
In order for the tester to see if SQL injection is possible, what is the first character that the tester
should use to attempt breaking a valid SQL request?

Which set of access control solutions implements two-factor authentication?

What is the name of the international standard that establishes a baseline level of confidence in
the security functionality of IT products by providing a set of requirements for evaluation?

Advanced encryption standard is an algorithm used for which of the following?

Which statement best describes a server type under an N-tier architecture?

During a penetration test, a tester finds that the web application being analyzed is vulnerable to
Cross Site Scripting (XSS). Which of the following conditions must be met to exploit this
vulnerability?

Which protocol and port number might be needed in order to send log messages to a log analysis
tool that resides behind a firewall?

A certified ethical hacker (CEH) is approached by a friend who believes her husband is cheating.
She offers to pay to break into her husband’s email account in order to find proof so she can take
him to court. What is the ethical response?